The OWASP top ten is a compilation of the most common coding and configuration errors that developers build into their software every day.
As a developer, your job will be to get the product out the door – so it’s great to have a head start on secure development before you even begin. The Open Web Application Security Project reviews the top ten security failures of web applications and is the benchmark against which many web applications are judged.
For many end-user organisations, new applications will be required to have considered these risks.
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE) NEW
- Broken Access Control MERGED
- Insecure direct object references
- Missing Function Level Access Control
- Security Misconfiguration
- Cross-Site Scripting (XSS)
- Insecure Deserialisation NEW
- Using Components with Known Vulnerabilities
- Insufficient Logging and Monitoring NEW
Brandfire can give your development team a heads up on these vulnerabilities, and talk through different coding strategies which lower the risk.